# Quickstart | Rijwind docs

# Quickstart

## 1. Create an account

Sign up at [rijwind.com/register](https://rijwind.com/register). A
default project and the **free** plan are provisioned automatically —
you can issue keys immediately, no credit card needed.

## 2. Issue an API key

In the dashboard, open
[**Projects**](https://rijwind.com/dashboard/projects), pick the default
project, and click **New key**. The plaintext key (it starts with
`rw_live_…`) is shown **once**. Save it.

By default the key has no allowed-origins whitelist, which means any
origin may call the API with it. For production keys, set the
allowed-origins list to your own domain(s) — this rejects calls from
anywhere else even if the key leaks. See
[Authentication](/authentication) for details.

## 3. Make a request

```sh
curl https://api.rijwind.com/search/geocode/v1/forward \
  -G \
  -H "Authorization: Bearer rw_live_•••YOUR_KEY•••" \
  --data-urlencode "q=Damrak 1, Amsterdam"
```

You should get a GeoJSON `FeatureCollection` back:

```json
{
  "type": "FeatureCollection",
  "features": [
    {
      "type": "Feature",
      "geometry": { "type": "Point", "coordinates": [4.8956, 52.3754] },
      "properties": {
        "name": "Damrak",
        "city": "Amsterdam",
        "country": "Netherlands",
        "countrycode": "NL",
        "type": "street"
      }
    }
  ]
}
```

If you get a `401 Unauthorized`, double-check the `Authorization` header
— it's `Bearer <key>` with a single space, no trailing characters.

## In a browser app

Same key, same URL, no special CORS dance — `api.rijwind.com` allows
cross-origin requests; the origin check happens against the key's
allowed-origins whitelist.

```js
const url = new URL("https://api.rijwind.com/search/geocode/v1/forward");
url.searchParams.set("q", "Damrak 1, Amsterdam");

const res = await fetch(url, {
  headers: { Authorization: `Bearer ${import.meta.env.VITE_RIJWIND_KEY}` },
});
const data = await res.json();
```

## Live playground

Don't want to copy-paste curl? The
[**dashboard playground**](https://rijwind.com/dashboard/playground)
runs real requests against the live API using your key — handy for
shaping a query before you wire it into code.
